A. For the User (Downloader): Downloading "Beta" APK files from unverified sources is a major security risk.
B. For Society/Merchants:
Criminals use these fake "beta" versions to deceive merchants and individuals into believing a money transfer has occurred when, in reality, no funds have moved. How the Fake App Works
Fictitious Transactions: The app is designed to look exactly like the real Yape interface. It allows users to enter a phone number and amount to generate a highly convincing but fake confirmation screen or "voucher".
Malware Risks: Beyond generating fake receipts, these "beta" APKs often contain malware. Installing them can give hackers access to your financial data, contacts, or remote control over your device.
Unauthorized Sources: These apps are distributed as APK files via unofficial websites, WhatsApp groups, or social media, bypassing the security checks of official stores like Google Play. Key Ways to Protect Yourself
Verify in Your Own App: Never trust a screenshot or a screen shown by a customer. Always check your own "Movimientos" (Movements) section in the official Yape app to confirm the funds have actually arrived.
Security Code Check: In April 2025, Yape introduced a three-digit security code that appears on both the sender's and receiver's confirmation screens. If the codes do not match, the transaction is fake.
Enable Notifications: Ensure push notifications are active so you receive an immediate alert from the real app when money is received.
Check Your Balance: Use the "Mostrar saldo" (Show balance) feature to verify that your total account balance has increased after a transfer.
Warning: Downloading any "beta" or "modded" version of a banking app from unofficial sources is a major security risk. Stick strictly to the official versions provided by Banco de Crédito del Perú (BCP). How to Spot and Avoid Fake Apps - Kaspersky yape fake app descargar beta
The Beta Trap
Marco prided himself on being ahead of the curve. While his friends grumbled about long lines and forgotten wallets, Marco was always the first to find a digital shortcut. So, when he saw the Facebook post—"Yape Beta 4.0: Exclusive access. Send money with a thought. Literally."—his eyes lit up.
The link promised a sleek, purple-and-gold interface, different from the usual plain red of the real Yape. "Descargar Beta" the button read. He clicked.
The download was suspiciously fast. The app icon appeared: a golden llama winking. Not the official llama, but close enough.
He opened it. A simple screen greeted him: "Verify your phone number to unlock the future of money."
Marco typed his number. A second later, an SMS arrived: "Your Yape code: 882341. Never share this."
The fake app asked for that exact code.
He hesitated. A tiny, rational voice whispered, "Beta testers don't need your 2FA code." But the promise of "thought-powered payments" was intoxicating. He typed the code.
The screen flashed: "Validating beta access..." Then, nothing. The app closed.
Frowning, Marco reopened the real Yape app. His balance: S/0.00. The Beta Trap Marco prided himself on being
His stomach turned to ice. He checked his transaction history. Three withdrawals, each for the maximum amount, sent to a user named "ElBetaTester" in the last thirty seconds. His savings, his rent money, his mother's birthday gift—gone.
He tried calling the bank, but his phone buzzed. A WhatsApp message from an unknown number: "Thanks for testing the beta, Marco. The only thing faster than our app was your greed. Next time, stick to the official store."
Marco stared at the golden llama icon on his home screen. He tried to delete it, but the icon just winked back at him. It wouldn't disappear.
That night, he learned a new definition of "beta." Not the second letter of the Greek alphabet. But the first letter of betrayal.
[30, 32]. These malicious apps are used by scammers to generate false payment confirmations
(screenshots or "vouchers") to deceive merchants and individuals into believing a transfer has been completed when no money has actually moved [29, 30]. 🚨 Critical Warning on "Beta" Versions
Searching for a "beta" or "modded" version of Yape outside official stores is extremely dangerous. Malware Risk : Unofficial APKs (Android Package kits) often contain spyware or financial trojans that can steal your bank credentials or personal data [34]. Legal Consequences : Using these apps to simulate payments is a form of fraud and digital identity theft , which can lead to criminal prosecution. Official Sources : The only legitimate way to download Yape is through the Google Play Store Apple App Store Google Play 🔍 How "Yape Fake" Scams Work
Scammers often use these apps in physical stores or during online marketplace transactions: Simulation
: The scammer enters the victim's phone number and the amount into the fake app. Fake Voucher
: The app generates a screen that looks identical to a successful Yape transfer, complete with the correct date, time, and "operation code." The Reveal enlaces de WhatsApp
: The scammer shows this screen to the seller and leaves with the product before the seller realizes the balance hasn't updated. 🛡️ How to Protect Yourself as a Merchant To avoid falling victim to these scams, follow these security best practices Always Verify in Your Own App
: Never trust a screenshot shown by the customer. Open your own Yape app and verify that the money has actually arrived in your "Movements" (Movimientos) Wait for the Notification
: Ensure you receive the official push notification or SMS alert on your device. Check the Details : Fake apps often have
misspelled words, slightly off-color branding, or inconsistent fonts Use Yape POS/QR
In an official statement released in Q1 2026, the Yape security team noted:
"We have detected over 200 fraudulent websites and Telegram bots offering fake 'beta' versions of Yape. These are designed exclusively for phishing and malware distribution. Yape will never contact you via WhatsApp or Telegram to offer a download link. All official updates are pushed through the iOS and Android marketplaces."
They have also partnered with the Peruvian National Police (PNP) Division of High-Tech Crimes to track down distributors of fake APKs. However, many servers are hosted outside of Peru, making prosecution difficult.
Advanced fake apps contain a Remote Access Trojan (RAT). This gives the attacker control of your phone camera, microphone, and screen. They can watch you type your password and record your biometric data.
Al descargar e instalar un APK falso (especialmente versiones beta no disponibles en Play Store), el malware actúa de varias formas:
| Característica | App Verdadera (Play Store) | App Falsa (APK externo) |
| :--- | :--- | :--- |
| Fuente de descarga | Google Play Store oficial | Páginas web, enlaces de WhatsApp, Telegram |
| Tamaño del archivo | ~35-50 MB | Muy pequeño (<10 MB) o enorme (>100 MB) |
| Permisos solicitados | Cámara, SMS, Contactos (justificados) | Acceso a notificaciones, administrador del dispositivo, superposición de pantalla |
| Nombre del paquete | pe.bcp.yape | pe.yape.beta.fake, com.yape.mod |
| Actualizaciones | Automáticas desde Play Store | Manual, mediante otro APK |
The most common fake Yape app is a phishing tool. When you open it, it looks identical to the real Yape login screen. But when you enter your DNI and password, the data is sent directly to the criminal. Within minutes, they can empty your linked bank account and even request loans in your name.